Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

Re: [STDS-802-11-TGBH] ID encoding in pre-schemes



  I like this approach. I would suggest using A2 as AAD in the HPKE wrapping instead of including it in the keyed hash as part of the body of the data being wrapped. In fact, it might make sense to bind some more of the header into AAD.

  HPKE does a one-way wrapping to a public key-- that is, it's not a bi-directional security association-- but it also includes a secret export capability from the state created by the single-shot operation. This secret export could be used to possibly protect a response from the AP, imagine possibly FTM or some pre-association interaction like that.

  One request (and this gets back to my comment to Graham today) is to describe the impact on the AP this approach has. Are there DOS considerations? 

  regards,

  Dan.

--
"the object of life is not to be on the side of the majority, but to
escape finding oneself in the ranks of the insane." – Marcus Aurelius
 
On 11/15/22, 11:14 PM, "Jouni Malinen" <jkmalinen@xxxxxxxxx> wrote:

    Based on the discussion today, I prepared a document to provide some
    more detail for an alternative mechanism of encoding ID information
    for pre-association use cases (i.e., something that does not use the
    MAC address field in the frame header). I posted an initial draft (*)
    of that if someone wants to review it before the next slot where I'm
    hoping to get agenda time to go through the presentation. Please let
    me know if you have any questions or comments on the contents and in
    particular, if you would like something to be changed or added before
    the presentation.
    
    (*) https://mentor.ieee.org/802.11/dcn/22/11-22-2013-00-00bh-id-encoding-in-pre-schemes.pptx 
    
    - Jouni
    
    ________________________________________________________________________
    To unsubscribe from the STDS-802-11-TGBH list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBH&A=1 
    


________________________________________________________________________
To unsubscribe from the STDS-802-11-TGBH list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBH&A=1